1. Technical Field
The present invention relates generally to the machine learning and more specifically to learning security policies with machine learning techniques.
2. Discussion of Related Art
Research on machine learning has been conducted for many years and significant accomplishments have been achieved. However, there is still one basic constraint, which may be stated as “A machine cannot learn what is not provided to it.” For a particular machine learning exercise to produce good results, a diverse enough set of training input examples covering an entire space of interest needs to be provided. This set of input examples are typically called the training set. Diversity in the training set means the set contains enough information to be learned so the learning process could produce a desirable result. For example, if the goal is to learn a five-class classifier but the training set contains no examples of class 3, then the learning process would not even know there is a class 3.
In computer systems, a policy was a set of rules with a clear intuitive motivation that could be formalized to good effect. The word can also denote more complex rules, e.g., for risk decisions, etc. Previous research on policy transformation has demonstrated that automated tools can transform high-level human-understandable policy rules to low-level machine executable rules. There also have been attempts on using machine learning on issues related to information processing systems, such as learning patterns of intrusions to information processing systems and learning network routing policies. However, there have been no known attempts at automatically generating a security policy for an information processing system from previous decision examples using machine learning techniques, especially when the examples are not diverse enough.
Therefore, a need exists for a system and method for learning security policies from previous decision examples since human beings are generally much better at making specific decisions from specific inputs than writing generalized, abstract policies.